[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Some stuff about Diffie-Hellman (and more :-)

To: [email protected] (Robert Cain)
Subject: Re: Some stuff about Diffie-Hellman (and more :-)
From: "Perry E. Metzger" <[email protected]>
Date: Tue, 08 Feb 1994 19:45:58 -0500
Cc: [email protected] (cypherpunks)
In-Reply-To: Your message of "Tue, 08 Feb 1994 16:16:32 PST." <[email protected]>
Reply-To: [email protected]


Robert Cain says:
> Perry E. Metzger sez:
> > 
> > Indeed, a paper has been published on how to break Sun Secure RPC
> > based on the idiotic decision by someone at Sun to standardise the
> > modulus used. It is basically a matter of precomputing a lot of data
> > based on the numbers which allows you to break any particular discrete
> > log in that field on the fly. The suggestion by Mr. Cain to use a
> > single generator and modulus for all traffic is astonishingly naive.
> 
> Now wait a minute, Perry.  If a device is going to use other than a 
> set of known moduli or even just one, how are two devices going to each
> know what the other is using without a listner knowing?

You don't care if a listener hears the information on the modulus and
generator. It doesn't matter. You can broadcast it in the clear.

The point I was making was that if you always use the same modulus the
attacker can expend the effort to attack your modulus just once and
can then crack individual D-H sessions trivially. If you change each
time, you can't be attacked in this way.

.pm

Follow-Ups:
- Re: Some stuff about Diffie-Hellman (and more :-)
  - From: [email protected] (Robert Cain)

References:
- Re: Some stuff about Diffie-Hellman (and more :-)
  - From: [email protected] (Robert Cain)

Prev by Date: No Subject
Next by Date: Re: Crypto Regulation Reform
Prev by thread: Re: Some stuff about Diffie-Hellman (and more :-)
Next by thread: Re: Some stuff about Diffie-Hellman (and more :-)
Index(es):
- Date
- Thread